package com.example.source_share.controller.admin;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.example.source_share.mapper.FileMapper;
import com.example.source_share.mapper.UserMapper;
import com.example.source_share.pojo.Files;
import com.example.source_share.pojo.User;
import com.example.source_share.service.user.account.InfoService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

@RestController
public class adminController {
    @Autowired
    private FileMapper fileMapper;
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private InfoService infoService;
    @PostMapping("/user/edit")
    public Map<String,String> editUser(@RequestParam String username,
                                        @RequestParam String major,
                                        @RequestParam String grade,
                                        @RequestParam String email,
                                        @RequestParam String phonenumber,
                                        @RequestHeader("Authorization") String authorizationHeader) {
        Map<String,String> nowLogin=infoService.getinfo(); //需要管理员才能编辑用户
        Map<String,String> result= new HashMap<>();
        if(!Objects.equals(nowLogin.get("purview"), "Super Admin")&&!Objects.equals(nowLogin.get("name"), username)){
            result.put("message","权限不足!");
            return result;
        }
        QueryWrapper<User> queryWrapper=new QueryWrapper<>();
        queryWrapper.eq("username",username);
        User exist=userMapper.selectOne(queryWrapper);
        if(exist==null){
            result.put("message","用户不存在!");
            return result;
        }
        if(Objects.equals(exist.getPurview(), "Super Admin")&&!Objects.equals(nowLogin.get("name"),username)){
            result.put("message","无权修改超级管理员用户信息!");
            return result;
        }
        System.out.println("来自"+nowLogin.get("name")+"的修改操作，被修改者为:"+exist.getUsername());
        //更新操作
        exist.setMajorid(major);
        exist.setGrade(grade);
        exist.setEmail(email);
        exist.setPhonenumber(phonenumber);
        //提交数据库
        userMapper.update(exist,queryWrapper);
        result.put("message","修改成功！");
        return result;
    }
    @PostMapping("/file/edit")
    public Map<String,String> editFile(@RequestParam String filename,
                                       @RequestParam String major,
                                       @RequestParam String subject,
                                       @RequestParam String description,
                                       @RequestParam String kind,
                                       @RequestParam String grade,
                                       @RequestParam String year,
                                       @RequestHeader("Authorization") String authorizationHeader ){
        Map<String,String> nowLogin=infoService.getinfo(); //需要管理员或自己才能编辑文件信息
        Map<String,String> result= new HashMap<>();
        QueryWrapper<Files> queryWrapper=new QueryWrapper<>();
        queryWrapper.eq("filename",filename);
        Files fileNow=fileMapper.selectOne(queryWrapper);
        if(fileNow==null){
            result.put("message","文件不存在");
            return result;
        }
        if(!Objects.equals(nowLogin.get("purview"), "Super Admin")&&!Objects.equals(nowLogin.get("name"), fileNow.getFilename())){
            result.put("message","权限不足!");
            return result;
        }
        fileNow.setMajorid(major);
        fileNow.setSubject(subject);
        fileNow.setDescription(description);
        fileNow.setKind(kind);
        fileNow.setGrade(grade);
        fileNow.setYear(year);
        fileMapper.update(fileNow,queryWrapper);
        result.put("message","修改成功!");
        return result;
    }
    @PostMapping("/user/changePassword")
    public Map<String,String> changePassword(@RequestParam String username,
                                             @RequestParam String newpassword,
                                             @RequestHeader("Authorization") String authorizationHeader ){
        Map<String,String> nowLogin=infoService.getinfo();
        Map<String,String> result= new HashMap<>();
        //需要管理员或自己才能更新密码
        if(!Objects.equals(nowLogin.get("purview"), "Super Admin")&&!Objects.equals(nowLogin.get("name"), username)){
            result.put("message","权限不足!");
            return result;
        }
        PasswordEncoder passwordEncoder=new BCryptPasswordEncoder();
        String encodedPassword=passwordEncoder.encode(newpassword);
        QueryWrapper<User> queryWrapper=new QueryWrapper<>();
        queryWrapper.eq("username",username);
        User exist=userMapper.selectOne(queryWrapper);
        if(exist==null){
            result.put("message","用户不存在!");
            return result;
        }
        if(newpassword==null || newpassword.equals("")){
            result.put("message","密码为空");
            return result;
        }
        if(newpassword.length()>30){
            result.put("message","密码不能超过30");
            return result;
        }
        if(newpassword.length()<6){
            result.put("message","密码不能少于6位");
            return result;
        }
        exist.setPassword(encodedPassword);
        userMapper.update(exist,queryWrapper);
        result.put("message","修改密码成功!");
        return result;
    }
}
